Privacy Policy

This policy explains what information we collect, how we use it, and the rights you have over your data. We aim to be straightforward — no dense legalese where plain language will do.

Information We Collect

• Email addresses — collected via our email capture and contact forms when you opt in.
• Provider submission data — information you voluntarily submit when listing a pen testing company.
• Review submissions — content you submit when reviewing a provider, including any contact details you choose to share.
• IP addresses — logged temporarily for rate limiting and abuse prevention.

How We Use It

• To send newsletters and product updates where you have opted in.
• To respond to enquiries sent through our contact forms.
• To moderate reviews and verify their authenticity.
• To enforce rate limits and prevent abuse of our services.

Data Storage

Data is stored in Supabase, hosted in the EU region. We retain personal data until you request removal or unsubscribe. IP logs used for rate limiting are retained for a short, rolling window.

Third Parties

We rely on a small number of processors to operate the site:

• Supabase — database and authentication services.
• Netlify — hosting and content delivery.
• Vercel Analytics — privacy-friendly, aggregate traffic analytics.

Your Rights (GDPR / UK GDPR)

You have the right to access, rectify, erase, export, and object to the processing of your personal data. To exercise any of these rights, email privacy@pentestingproviders.com and we will respond within 30 days.

Cookies

We only use cookies required for Vercel Analytics, which provides aggregate, anonymised traffic data. We do not set advertising or cross-site tracking cookies.

Contact

Questions about this policy or how we handle your data? Email privacy@pentestingproviders.com.

Updates

We may update this policy from time to time. Material changes will be announced on this page.

Last updated: 17 April 2026